allow_nets=local in passdb gets "auth: Panic"
SATOH Fumiyasu
fumiyas at osstech.jp
Tue Jan 5 15:31:11 UTC 2016
At Mon, 4 Jan 2016 14:19:52 -0500,
Timo Sirainen wrote:
> > passdb {
> > driver = ldap
> > args = /etc/dovecot/dovecot-ldap.conf.ext
> > default_fields = allow_nets=local,127.0.0.1,10.255.1.0/24
> > }
> >
> > This triggers "auth: Panic" on POP3/IMAP logins as the below:
> >
> > Dec 22 14:57:39 localhost dovecot: auth: ldap(u0000,::1,<oiF8SHYngqsAAAAAAAAAAAAAAAAAAAAB>): allow_nets: Invalid network 'local'
> > Dec 22 14:57:39 localhost dovecot: auth: Panic: file net.c: line 1137 (net_is_in_network): assertion failed: (IPADDR_IS_V6(ip) == IPADDR_IS_V6(net_ip))
> >
> > `doveadm auth test <username> <password>` is no problem as expected.
> >
> > What's wrong?
>
> allow_nets can only contain IP/network ranges. You can't use any names like "local". Anyway, it still shouldn't crash. This fixes it:
Dovecot 2.2.15 has the following change:
+ passdb allow_nets=local matches lookups that don't contain an IP
address (internally done by Dovecot services)
I use the "allow_nets=local" to allow administrtors to run
`doveadm auth test username`. If allow_nets has no "local",
it is failed (rejected?). Is this a bug?
# doveadm auth test foobar
Password: correct-password
passdb: foobar auth failed
extra fields:
user=foobar
> https://github.com/dovecot/core/commit/f53a1b98d6792a3aa28474fca0901b1de035f8ba
Thank you!
--
-- Name: SATOH Fumiyasu @ OSS Technology Corp. (fumiyas @ osstech co jp)
-- Business Home: http://www.OSSTech.co.jp/
-- GitHub Home: https://GitHub.com/fumiyas/
-- PGP Fingerprint: BBE1 A1C9 525A 292E 6729 CDEC ADC2 9DCA 5E1C CBCA
More information about the dovecot
mailing list